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Response to Amendment 

This Office Action is in response to a communication made on May 29, 2008. 
Claims 1-9 and 28 have been cancelled. 

Claims 10, 17-18, 21, 27, 30, 32, and 34-35 have been amended. 
Claims 10-27 and 29-35 are pending in this application. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 10-27 and 29-35 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Misra (5757920) in view of Sitaraman (6212561). 

Regarding claims 10, 18 and 21, Misra teaches a method for providing access 
management comprising: 

(a) authenticating access privileges of a user to a first (Column 7, lines 53 - 65) 
and a second server machine (Column 5, lines 10 - 21) whereby the first and second 
server machine are configured to comprise a secured item (Column 5, lines 10-14); 
and 

Misra does not explicitly indicate preventing access to a first one of the first and 
the second server machine while the user is accessing a second one of the first and 
second server machine; wherein the user is disconnected from the first one of the first 
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and the second server machine before being connected to the second one of the first 
and the second server machine . 

Sitaraman teaches a system including a plurality of secure domains (Col. 6, lines 
18-21) where the system forces the user to disconnect a first connection to a domain, 
before initiating a session connection to a secure domain (Col. 7, lines 8-23). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Sitaraman's teaching of only allowing the use to have one 
open session to a secure item or domain in Misra's system to ensure extra security 
against unauthorized users (Col. 9, lines 39 - 47). 

Regarding claims 29, 31, and 34, Misra teaches the method as recited in claims 
10, 18, and 21, wherein step (a) comprises: 

(a1 ) authenticating the user with the first server machine with respect to a 
previous access request (Column 7, lines 53 - 65); 

(a2) subsequently receiving a current access request via the second server 
machine (Column 5, lines 10-21); and 

(a3) authenticating the user with the second server machine with respect to the 
current access request (Column 5, lines 10 - 21 , where the user roams into a second 
domain, which can include using a different computer in the second domain, see Col. 7, 
lines 23-30). 

Regarding claims 30, 32, and 35, Misra teaches the method as recited in claims 
29, 31, and 34. 
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Misra does not explicitly indicate that wherein step (b) comprises: 

(b1) upon receiving the current access request via the second server machine, 
identifying a first local module previously supporting the user at the first server machine; 

(b2) reconfiguring the first local module at the first server machine to remove 
support for the user at the firs server machine; 

(b3) identifying a second local module to support the user at the second server 
machine; and 

(b4) reconfiguring the second local module at the second server machine to add 
support for the user at the second server machine. 

Sitaraman teaches a system including a plurality of secure domains (Col. 6, lines 
18 - 21 ) where the system forces the user to disconnect a first connection to a domain, 
before initiating a session connection to a secure domain (Col. 7, lines 8-23). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to use Sitaraman's teaching of only allowing the use to have one 
open session to a secure item or domain in Misra's system to ensure extra security 
against unauthorized users (Col. 9, lines 39 - 47). 

Regarding claims 11, 22, and 25, Misra teaches a method as recited in claims 
29, 31 , and 21 , wherein step (a1 ) authenticates both the user and a client machine 
being used by the user (Column 4, line 66 - Column 5, line 9). 
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Regarding claims 12 and 26, Misra teaches a method as recited in claims 29 
and 21 , wherein the first and the second server machine are access points for the user 
to gain access to the secured item (Column 5, lines 10-14). 

Regarding claims 13 and 23, Misra teaches a method as recited in claims 29 
and 32, wherein when the user is at a first location, the user interacts over a network 
with the first server machine, and when the user is at a second location, the user 
interacts over a network with the second server machine using a second client machine 
at the second location (Column 5, lines 10-21). 

Regarding claims 14, 20, and 27, Misra teaches a method as recited in claims 
30, 32, and 35, wherein said method further comprises: determining, prior to steps (b1), 
(b2), (b3), and (b4), whether the user is permitted to gain access from a second location 
to the secured item via the second server machine (Column 5, lines 10-16). 

Regarding claim 15, Misra teaches a method as recited in claim 39, wherein 
said step (a1 ) occurs while the user is at a first location, and wherein step (a2) occurs 
while the user is at a second location (Column 5, lines 10-21, wherein the system has 
a home location with maintains the credentials and authorization, which is then 
distributed through the server system). 

Regarding claims 16 and 24, Misra teaches a method as recited in claims 17 
and 33, wherein said method further comprises: 

(a4) upon receiving the current access request to access the secured item via 
the second server machine, determining permitted locations from which the user is 
permitted to access to the secured item; 
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(a5) determining, whether the second location is one of the permitted locations 
for the user; and 

(a6) bypassing steps (b1 ), (b2), (b3), and (b4) when step (a5) determines that the 
second location is not one of the permitted locations for the user (Column 5, lines 10 - 
21). 

Regarding claims 17, 19, and 33, Misra teaches a method as recited in claims 
30, 31, and 32, wherein: 

when the user is at the first location, the user interacts over a network with the 
first server machine using a first client machine at the first location, and 

when the user is at the second location, the user interacts over a network with 
the second server machine using a second client machine at the second location 
(Column 3, line 67 - Column 4, line 7; Column 4, line 66 - Column 5, line 2; Column 5, 
lines 10-19, wherein the user and machine locations are roaming in the system and 
which ever domain the user/machine combination logs in at it connects to that domains 
controller which is the same location as the machine location). 

Response to Arguments 

Applicant's arguments with respect to claims 10, 18, and 21 have been 
considered but are moot in view of the new ground(s) of rejection. 



Conclusion 
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Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to KEVIN BATES whose telephone number is (571)272- 
3980. The examiner can normally be reached on 9 am - 5 pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Glen Burgess can be reached on (571) 272-3949. The fax phone number 
for the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/Kevin Bates/ 

Primary Examiner, Art Unit 2153 



